SecureFlag
Real-world, hands-on labs to build effective security skills for developers
Strong, Up-to-Date Content and Effective Labs in SecureFlag
Hands-On SecureFlag Labs
Hands-On Coding Training with Great Customer Success Support
The customer success team was excellent, with proactive outreach and well-organized coding campaigns. Overall, a very professional team.
Engaging, Easy-to-Use Security Labs
Great Tech Labs, Smooth Onboarding, and Outstanding Support
A wide variety of labs and motivating tournaments
Easy-to-Use Technical Training Platform
Extremely interactive labs
High level of technical details
Great customer support
Hands-on security labs have improved our skills and support continuous secure coding practice
What is our primary use case?
My main use case for SecureFlag is for learning and adopting technologies to become more secure. We completed certifications through SecureFlag as well.
A specific example of how I use SecureFlag for learning and security purposes is that we had a certification on security where we learned how to secure variables and how to pass parameters without exposing private keys and credentials.
I believe SecureFlag will be really helpful in making the platform secure by using their plan.
What is most valuable?
The best features SecureFlag offers are the labs, which provide an excellent learning resource while going through the courses.
I use the labs in SecureFlag because they are very helpful. While I progress through the courses, I can complete the labs in parallel and gain hands-on experience to learn how to implement and practice the concepts.
SecureFlag has positively impacted my organization by enhancing our skills. The platform has improved skills in my organization by allowing us to adopt new technologies. We can go through the skills we need in SecureFlag and complete the courses to gain knowledge in those areas.
What needs improvement?
I can see some areas where SecureFlag can be improved. I noticed some errors, particularly some hanging in the labs. If the labs were smoother without any disturbances, that would be great.
I hope everything is fine with the coming features, and I believe SecureFlag will deliver some more excellent features.
For how long have I used the solution?
I have been using SecureFlag for the last one year.
How are customer service and support?
SecureFlag's customer support is good. I reached out to them when I encountered some errors in the lab, and they resolved the issues I had.
I rate the customer support an eight on a scale of one to ten.
What other advice do I have?
My advice for others looking into using SecureFlag is that it will be helpful to use for the organization. I rate this product an eight overall.
Training labs have strengthened mobile app security and reduced vulnerabilities in our projects
What is our primary use case?
I am an iOS developer, and SecureFlag is mainly used to identify jailbroken situations. I have completed SecureFlag courses and labs, which is the reason for my increased involvement. I work in the cybersecurity domain where I need to use most of SecureFlag features to ensure we do not have any man-in-the-middle attacks.
SecureFlag's hands-on experiences with security vulnerabilities help my team identify vulnerabilities since the labs provided are presented in different manners. For example, in Android, it may include AndroidManifest.xml, and most people think it will be in a different place. The way it helps us learn is that if it is iOS, we refer to jailbroken devices, and if it is Android, we call it rooting. There are endless ways to learn, which is not a single approach.
My organization provided access for that.
What is most valuable?
The features of SecureFlag that I have found most valuable involve understanding and defining jailbroken devices. Jailbroken devices refer to situations where there is a chance that users can mimic the phone or their involvement, even though iPhone itself is a secured device, but there is still a chance the device can get jailbroken. Either not via internet, there might be a hardcoding way. SecureFlag, in the courses and labs I use, ensures that those kinds of vulnerabilities will not exist. That is why it was most valuable and we have relied on it most.
I have used SecureFlag's interactive exercises and have completed the labs and the courses. The interactive exercises have helped improve my security skills because I was very interested in the labs as they were organized in a different way. It is not directly a multiple-choice question or a straightforward description, and it is not lengthy with descriptions. We directly jumped into different segments including easy, medium, and hard. Inside that, we were given a lot of code, so where the initial person has the responsibility to understand the code. We read through the code and hints, and even if we missed something, the way it gives hints is something that I felt very useful.
SecureFlag has positively impacted my organization in various ways. Since courses were mostly included inside the code, the code was structured in a way that involved common classes instead of unique custom classes. The project inside the lab was not created from scratch. It is more likely in the initial classes. For instance, AppDelegate is the first class called in iOS, while Activity Manifest.xml is the first class called in Android. Including the security vulnerabilities and explaining how an attacker can exploit them benefits both our organization and developers. We have learned a lot.
What needs improvement?
A way SecureFlag can be improved would be to include video content where someone explains the approaches related to jailbroken or rooting situations. I know some videos were already there, but it would be better if more could be added.
I do not remember participating in the initial setup of SecureFlag, but I might have. We used it during the initial setup, and it was mostly straightforward. I did not face any challenges because it was mostly for learning purposes. The single sign-on feature means we do not need to enter the username and password every time, which is one good advantage.
For how long have I used the solution?
I have been working with SecureFlag for the past four to five years. I cannot say six years. My work experience is around 6.7 years, so for the past four to five years. Whenever there is a chance, I have used SecureFlag. I do have experience.
What do I think about the stability of the solution?
Regarding the stability and reliability of SecureFlag, it can handle a large scale of users without interruption. It helps to develop secure software because the number of vulnerabilities reduces, which increases turnaround time for different APIs. Security tickets raised were very few after relying on SecureFlag, which is one good advantage. We do not need to raise security tickets and wait for days; those instances have been completely reduced, providing more reliability.
What do I think about the scalability of the solution?
SecureFlag is scalable in the sense that if we would like to scale our users, it is pretty much scalable. I have learned that in terms of training, it is highly scalable because it handles a large number of users. As part of SecureFlag, we also use OAuth and SAML tools for efficient integration purposes, making it highly scalable.
How are customer service and support?
I would rate the technical support of SecureFlag as seven out of ten. It is acceptable if there is a one-day response time, but mostly I feel a maximum of three days is acceptable. They have a lot of knowledge since I raise very few queries. They are quick to respond, and they possess a good mix of practical and theoretical knowledge which helps us understand better.
Which solution did I use previously and why did I switch?
Before SecureFlag, I used an alternative solution, OWASP, which I am aware of. We learned on that before SecureFlag, but I feel SecureFlag is more advantageous when we write the code.
How was the initial setup?
I do not remember participating in the initial setup of SecureFlag, but I might have. We used it during the initial setup, and it was mostly straightforward. I did not face any challenges because it was mostly for learning purposes. The single sign-on feature means we do not need to enter the username and password every time, which is one good advantage.
What other advice do I have?
I am a user of SecureFlag. I am not a developer or a seller.
I evaluate SecureFlag's analytics and reporting tools for tracking progress and identifying security gaps by using it directly inside our app, which always has the logs maintained. The code that was there has already given us some kind of metrics that help us ensure these are weak points and these are the strong points.
Tailoring training programs to my organization's needs has helped developers because we do see a lot of benefits. Since I have been using it for six years and for these two years I have been working in the cybersecurity domain specifically, I previously knew what SecureFlag was about and had been solving only easy-related queries. Now, in the cybersecurity domain, we need to ensure the necessity of SecureFlag because we must work more into the security and ensure that no data has been shared without user or customer consent. This has given a great advantage, the best advantage, I can say.
I am not aware of the pricing of SecureFlag because whatever I have been using until now, my organization offered it.
Before choosing SecureFlag, I did not evaluate other options much. I settled with SecureFlag pretty much straight away because I did not want to miss learning about other alternatives.
I would rate my overall experience with SecureFlag as a ten out of ten.